Extracted

• • Target

    42281d49da52812c4cd33228af087eaf.exe

  • Size

    391KB

  • MD5

    42281d49da52812c4cd33228af087eaf

  • SHA1

    7779d21fc9d1ea46dc643dfd45fa32ba4f54e6e2

  • SHA256

    58d1e777704216e668537c6db64d0178d44071736ed966eb3fc88bc05e6840c3

  • SHA512

    5bdc8c9f4056a8ba7fd6a03f438e871cec4ded79f1d8886e40b44904626de204341b50b76024309e6d4354fa62d20b2d3e9c0df398013bf20c2808f73c3b65e5

  • SSDEEP

    6144:cW3mkqlxrNBKiU6893YBwq3xj4/XjT7d6srMQW+bXvd0GsuFC1OlbTVdWnKfX:Lmk8TZUloBPsPj4KN/d0ouN

  Score

  7^/10

  discoveryspywarestealer

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2